george/PrivateBin
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2,219 Commits 14 Branches 20 Tags
1034d4038e6c59b5b4d69b3b9e8a9b0b35a6fc18
Commit Graph

2219 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
PrivateBin Translator Bot
dd4633ff8f New translations en.json (Ukrainian) 2021-04-18 21:04:05 +02:00
PrivateBin Translator Bot
c0207d00a2 New translations en.json (Chinese Simplified) 2021-04-18 21:04:04 +02:00
PrivateBin Translator Bot
bd83415c82 New translations en.json (Hindi) 2021-04-18 21:04:02 +02:00
PrivateBin Translator Bot
478f806e9c New translations en.json (Latin) 2021-04-18 21:04:01 +02:00
PrivateBin Translator Bot
db402baa14 New translations en.json (Occitan) 2021-04-18 21:04:00 +02:00
PrivateBin Translator Bot
dac5bd1d93 New translations en.json (Dutch) 2021-04-18 21:03:59 +02:00
PrivateBin Translator Bot
4b2f2920a2 New translations en.json (Indonesian) 2021-04-18 21:03:57 +02:00
El RIDO
83620d7eb5 Merge branch 'master' into formAction 2021-04-18 20:59:17 +02:00
El RIDO
de4abad748 Merge branch 'download-feature' 2021-04-18 20:55:59 +02:00
rugk
3ca01024fd feat: disallow form submission alltogether 
Following the tests and HTTP Observatory, I think we can disable forms altogether.

Fixes https://github.com/PrivateBin/PrivateBin/issues/778
 2021-04-18 14:16:39 +02:00
rugk
5809a7cfa7 feat: add form-action CSP restriction 
This follows a suggestion from HTTP Observatory:
> Restricts where <form> contents may be submitted by using form-action 'none', form-action 'self', or specific URIs

Fixes #778
 2021-04-18 14:14:46 +02:00
El RIDO
0e78534e48 re-label "Download" button to "Save paste" 2021-04-18 09:07:57 +02:00
PrivateBin Translator Bot
b68ae363ec New translations en.json (Indonesian) 2021-04-18 01:03:48 +02:00
El RIDO
3181cfe58a translate download button, add it to page template 2021-04-17 09:15:00 +02:00
El RIDO
bc11452259 make filename unique per paste ID 2021-04-17 09:08:11 +02:00
El RIDO
853a4f386f fix indentation 2021-04-17 08:51:25 +02:00
El RIDO
9683c591bb document change 2021-04-17 08:48:12 +02:00
El RIDO
47029fb04e Merge branch 'master' into download-feature 2021-04-17 08:47:14 +02:00
El RIDO
735a77b783 Merge branch 'floc' 2021-04-17 08:39:50 +02:00
El RIDO
5f4200c721 document change 2021-04-17 08:39:35 +02:00
El RIDO
9b893f09d7 Merge branch 'master' into floc 2021-04-17 08:35:21 +02:00
El RIDO
3b9b6c948f Merge branch 'cspBaseUrl' 2021-04-17 08:20:32 +02:00
El RIDO
7b7a32c0a7 apply StyleCI recommendation 2021-04-17 08:20:08 +02:00
rugk
fd7d05e862 Add base URL as default CSP restriction 
This follows an [HTTP Observatory recommendation](https://observatory.mozilla.org/analyze/privatebin.net):
> Restricts use of the <base> tag by using base-uri 'none', base-uri 'self', or specific origins.

Given we don't use that anywhere, this safe should be safe. (not tested practically though)
 2021-04-16 22:04:28 +02:00
El RIDO
8232dce395 Merge branch 'cookie-secure-flag' 2021-04-16 20:51:11 +02:00
El RIDO
6f3bb25b09 disable Google FloC 2021-04-16 20:25:50 +02:00
El RIDO
1dc8b24665 transmit cookie only over HTTPS, fixes #472 2021-04-16 20:15:12 +02:00
Christian Pierre MOMON
ed66351337 Added download feature (#5318). 2021-04-16 19:29:03 +02:00
El RIDO
9e6eb50ced adding new security headers, fixes #765 2021-04-16 19:19:11 +02:00
El RIDO
d727837324 Merge branch 'crowdin-translation' 2021-04-16 18:27:45 +02:00
El RIDO
175d14224e set plurals for and credit Estonian translation 2021-04-16 18:27:12 +02:00
El RIDO
51f1f67fe8 Merge branch 'master' into crowdin-translation 2021-04-16 18:00:42 +02:00
PrivateBin Translator Bot
ab250d8686 New translations en.json (Lithuanian) 2021-04-10 16:52:48 +02:00
PrivateBin Translator Bot
1ff8637c23 New translations en.json (Lithuanian) 2021-04-10 15:45:21 +02:00
PrivateBin Translator Bot
727166e945 New translations en.json (Estonian) 2021-04-08 23:05:35 +02:00
PrivateBin Translator Bot
e50f3eb311 New translations en.json (Estonian) 2021-04-08 22:00:09 +02:00
PrivateBin Translator Bot
f5fa37b5f2 New translations en.json (Estonian) 2021-04-08 20:55:45 +02:00
PrivateBin Translator Bot
587822838a New translations en.json (Chinese Simplified) 2021-04-07 09:18:03 +02:00
PrivateBin Translator Bot
553417194c New translations en.json (Estonian) 2021-04-06 20:07:13 +02:00
El RIDO
8a08a2167b fix display of indonesian label in drop-down 2021-04-06 06:27:12 +02:00
El RIDO
d65bf02d78 upgraded kjua 1.3.5 2021-04-05 17:33:07 +02:00
El RIDO
30c8d97517 update PHP dependencies 2021-04-05 17:11:51 +02:00
El RIDO
65d8f896c7 fix make coverage-php 2021-04-05 17:05:46 +02:00
El RIDO
458ebcb321 incrementing version 2021-04-05 17:05:14 +02:00
El RIDO
ec022b2db9 documenting fix for #682 2021-04-05 13:51:23 +02:00
El RIDO
a369202c51 add missing expiration reset 2021-04-05 13:47:37 +02:00
El RIDO
77ee40909f record defaults during initialization, fixes #682 2021-04-05 13:24:53 +02:00
El RIDO
5fd829aa09 adding unit tests for TopNav.resetInput(), triggering bug described in #682 2021-04-05 12:50:23 +02:00
El RIDO
8864523173 Merge pull request #766 from PrivateBin/codacy 
Let's try Codacy code scanning again
 2021-04-05 12:21:14 +02:00
El RIDO
44cc70ee35 Merge pull request #764 from FozzieHi/patch-1 
Remove mention of HPKP in the README.
 2021-04-05 12:15:31 +02:00